FCA - Building Operational Resilience

The FCA consulted on proposed changes to how firms approach their operational resilience.

These proposals were developed in partnership with the Bank of England – in its capacity of supervising financial market infrastructures (FMIs) – and the Prudential Regulation Authority (PRA) to improve the operational resilience of the UK financial sector.

This is a big shift in the approach taken by both UK and International Regulators’ to the way firms plan for and manage major operational incidents.  Firms will no longer be able to argue, or will find it difficult to do so, that a disruptive event was not anticipated or was not foreseeable when market or consumer harm has occurred as a consequence.

It is now clear that firms will be expected to not just have systems and controls in place to avoid disruptive events, but instead they are expected to assume that they will happen and to be able to maintain continuity of services and avoid market disruption when they do. With an increase in cyber-attacks and incidences, and in the wake of the pandemic it seems to be a reasonable approach taken by the regulators’ and in their thinking.

The FCA rules and guidance will come into force on 31 March 2022 with the hard deadline is 31 March 2025, we are currently helping firms to meet the regulatory requirements in time to meet the deadline this includes the internal and external communications and self-assessments, so please contact us for further guidance, advice and support.